Cybersecurity News

One of the most popular remote management apps for Android has been putting tens of millions of users at risk of crippling cyberattacks for several months. The company has been criticised for appearing to put new features above patching the issues.

Security researchers have warned that some medical implants contain flaws that could prove fatal if exploited by attackers. The implants can communicate data to devices outside the body and accept commands in return, letting hackers turn them off.

A new strain of malware called Gooligan has successfully breached over one million Google accounts, according to security researchers today. The "alarming" campaign uses malicious apps designed as real ones to gain control of accounts.

Concerns have been raised over the privacy afforded by caller ID apps such as Truecaller and CM Security. The apps are storing the details of billions of people in publicly searchable databases. People who have never used an app are also affected.

Security researchers have demonstrated how a pair of headphones could be turned into a microphone and used to snoop on conversations. In testing, the system proved to be as effective as a regular unpowered microphone connected to a PC.

A new hacking tool dubbed "PoisonTap" costs just $5 to create and can gain access to unattended computers even when their displays are locked. The attacker can use the device to monitor network traffic and spy on a user's activities.

Security contractors have discovered that some popular budget smartphones contain a backdoor that sends data to China. The weakness was added deliberately but it is not known why the data is being sent. The back door is present on U.S. handsets.

Shazam's Mac app never turns the microphone off, according to a security researcher who studied the program. While Shazam doesn't process audio while in the background, its lack of warning to users has caused a privacy scare. The app will be updated.

During the ARM TechCon event in Santa Clara, Calif, Charlie Miller, a known security engineer at Uber, claims that next-generation thieves can steal an AI-driven driverless car remotely by hacking its software.

Google has announced it is rolling out an update to its Safe Browsing technology that will filter out "repeat offender" sites. The company said it had observed webpages using flaws in Safe Browsing's implementation to continue displaying harmful material.

Schools across the U.K. are failing to comply with data protection laws by installing specialist "classroom management" software on their computers. The findings were made after civil liberties group Big Brother Watch contacted 1,000 secondary schools.

U.K. banking provider Tesco Bank has announced it has suspended all online transactions for its current account customers. The bank's chief executive confirmed criminals stole money from over 20,000 accounts over the weekend. It is currently unknown how.

Google has released its latest HTTPS Transparency Report, indicating how many websites are migrating their servers to use secure connections. Significant progress has been made in the past 18 months, keeping data protected and users safe online.

Security researchers have discovered an Internet-connected webcam that has some of the weakest security found on a commercial product. The dangerous device leaks passwords in plain text and can be easily hijacked from across the Internet to spy on users.

Google has publicly detailed a "critical" bug in Windows just 10 days after reporting it to Microsoft. Google has come under fire for releasing details before a fix is available but the company insists it is "protecting users" by doing so.

Chinese webcam manufacturer Xiongmai has announced it is recalling many of its products in the wake of last week's internet outage. The attack affected sites including Spotify and Twitter and is believed to have been triggered by hijacked 'smart' devices.

Security researchers have demonstrated a new kind of mobile attack that gives hackers complete control of a large number of Android phones. It's significant because it exploits a hardware flaw and does not require any special app permissions to run.

Hackers hijacked internet-connected smart home devices including security cameras, printers and digital video recorders to mount the "massive and sustained" cyberattack on the Internet's infrastructure last week. Scores of websites were made inaccessible.

Security researchers have warned that a privilege-escalation bug found in the Linux operating system could be the "most serious" of its kind ever discovered. It has been present in the kernel for nine years and is being actively exploited by attackers.

A flaw in Intel's processors could allow attackers to bypass security mechanisms and inject malware into code, security researchers have warned. The technique works on almost every operating system and enables more effective software exploits.

Microsoft has warned customers that iOS is no more secure than Android, contradicting commonly held beliefs about the relative security of the two platforms. The company said that recent attacks targeting iOS prove it's as vulnerable as Android.

Yahoo has turned back on email forwarding, a week after switching it off without warning. Some critics have suggested the company did it deliberately to stop customers leaving after it revealed 500 million customer accounts were accessed back in 2014.

The Mooltipass Mini is a physical password store designed to help you stay safe online. It guards your passwords against threats and ensures you don't forget important credentials. The standalone device takes the pain out of password-based authentication.

Members of the UK's parliament have been banned from wearing Apple Watch smartwatches during Cabinet meetings over concerns they could be hacked by Russian spies. The ruling has come from Prime Minister Theresa May and concerns all wearables.

Security researchers have warned the almost constant stream of cybersecurity warnings is causing "security fatigue" among consumers. Computer users are being faced with continual advisories and alerts which are causing them to ignore important notices.

Spotify is inadvertently infecting users' computers with malware, according to a spate of reports from customers. The company's network has been compromised by malicious adverts that are displayed in the free version of the Spotify client.

Researchers have detailed a series of security risks in the Linux kernel that threaten to put the future of the Internet of Things at risk. Developers told the 2016 Linux Security Summit that Linux needs a "total rethink" to remain safe to use.

A security researcher has discovered a strain of Microsoft Office malware that utilises a simple but effective technique to evade detection by analysts. While it is relatively unsophisticated, it points to the future challenges of combating cybercrime.

A potentially devastating new ransomware discovered in the wild goes to new lengths to convince you to pay up. After encrypting your entire hard drive, Mamba overwrites your PC's master boot record, preventing it from starting Windows.